Intrusion detection method using adaptive rule estimation in network-based instrusion detection system
First Claim
1. An intrusion detection method by adaptive rule estimation in a network-based intrusion detection system (NIDS), comprising the steps of:
- collecting a packet on a network, and searching for an original rule most similar to the collected packet from a rule database in which a rule for intrusion detection is stored; and
judging whether a hacker intrudes by estimating a changed position of the collected packet from the original rule.
1 Assignment
0 Petitions
Accused Products
Abstract
An intrusion detection method by adaptive rule estimation in a network-based intrusion detection system (NDS) is disclosed. The method includes collecting a packet on a network and searching for an original rule most similar to the collected packet from a rule database in which a rule for intrusion detection is stored, and judging whether a hacker intrudes by estimating a changed position of the collected packet from the original rule. Accordingly, it is possible to prevent an indirect attack of a hacker using a packet whose number of bits is changed due to deletion/insertion of characters from/into the packet.
60 Citations
3 Claims
-
1. An intrusion detection method by adaptive rule estimation in a network-based intrusion detection system (NIDS), comprising the steps of:
-
collecting a packet on a network, and searching for an original rule most similar to the collected packet from a rule database in which a rule for intrusion detection is stored; and
judging whether a hacker intrudes by estimating a changed position of the collected packet from the original rule. - View Dependent Claims (2, 3)
-
Specification